Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-11743
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability to communicate directly with the Mirth Connect management console may be able to ...
Medhost Connex -
9.1
CVSSv3
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
7.5
CVSSv3
CVE-2017-6054
A Use of Hard-Coded Cryptographic Key issue exists in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user information.
Hyundaiusa Blue Link 3.9.4
Hyundaiusa Blue Link 3.9.5
5.3
CVSSv3
CVE-2017-6039
A Use of Hard-Coded Password issue exists in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the device.
Phoenixbroadband Poweragent Sc3 Bms Firmware
7.8
CVSSv3
CVE-2021-27452
The software contains a hard-coded password that could allow an malicious user to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
7.2
CVSSv3
CVE-2022-47617
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption.
Hitrontech Coda-5310 Firmware -
9.1
CVSSv3
CVE-2021-36312
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system.
Dell Cloudlink
2.1
CVSSv3
CVE-2022-32967
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.
Realtek Rtl8111ep-cg Firmware
Realtek Rtl8111ep-cg Firmware 5.0.10
Realtek Rtl8111fp-cg Firmware
Realtek Rtl8111fp-cg Firmware 5.0.10
7.8
CVSSv3
CVE-2022-34462
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.
Dell Emc Secure Connect Gateway Policy Manager
9.8
CVSSv3
CVE-2023-23770
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.
Motorola Mbts Site Controller Firmware R05.32.58
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »